-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[RFC] Allow defining mounts for whole stage #1209
Comments
a few nits,
|
Ah; yes, haven't tried any of the code; I guess it works for illustration purposes 😂
Agreed; that concern played in my head; on the other hand, it's no different from defining an |
Defining mounts for the full stage is potentially wasteful. Using mounts for processes that don't actually need it makes instructions cached by wrong dependencies and makes cache mounts locking more complex. Eg. when doing So instead, I think we should approach it by defining reusable code that can be invoked in A quick example that I haven't thought through:
I've also seen some proposals for just defining flags (eg. Related:
|
@tonistiigi I really like the DEFINE approach. |
@FernandoMiguel This is all just a syntax in Dockerfile, no changes in how the builder works/caches internally. |
@tonistiigi this topic came up in a chat I had with @nebuk89. Wondering; could these definitions be somehow distributed? (so that "pre-defined" languages / recipes could be pushed to docker hub, and other users could make use of them for a simplified workflow? |
Just a quick thought, not a fully written/designed proposal.
The experimental syntax currently allows using
RUN --mount
, which is great. Mounts allow using files as part of your build, without them ending up in (intermediate) image layers, while still being able to use the build cache.However, having to specify the mount for each
RUN
can lead to repetition in some Dockerfiles, or make a Dockerfile too complicated.Taken the following example from the moby Dockerfile;
While the above isn't a "beauty", there's some things to notice here;
--mount=type=cache
or--mount=type=tmpfs
)RUN
, so that the cloned repository can be cleaned up afterwardsSimplifying the example (taking the architecture check out), and using
--mount=type=cache
still gives me;The above could be simplified a bit further (the example above may not be the best), but ideally, I'd be able to split the code above into separate
RUN
lines, not having to&&
chain all script steps in a singleRUN
.However, doing so requires me to repeat all the
--mount
options for eachRUN
, which makes it quite cluttered and repetitive;Instead, perhaps it's possible to define mounts for a whole build-stage. Every
RUN
step in the stage would inherit those mounts;Note that requiring the options to be directly after
FROM
is kinda ugly; perhaps an alternative syntax, allowing options to be passed at the end would work;FROM base AS registry \ --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=cache,target=/go/src/github.com/docker/distribution
Or, instead of putting this option on
FROM
, having aMOUNT
keyword, or aSTAGE
keyword (to define "stage scoped" options) could be a solution;FROM base AS registry STAGE --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=cache,target=/go/src/github.com/docker/distribution
Inheritance
Haven't given this one much thought; should another stage using
FROM stage-with-mounts
inherit those mounts? I think it'd make sense;RUN
Note that this examples above focus on "caching", but secrets (
--mount=type=secret
) could greatly benefit from this; define the secret in your base image, and all stages will have access to the secret(s) that are needed during build.The text was updated successfully, but these errors were encountered: